POSITION SUMMARY:
As the Application Security Architect, you will work on-site at our corporate office in Springfield, MO, and lead the strategy and execution of application security across both modern cloud-native platforms and legacy WebSphere Commerce Suite (WCS) environments. You will be responsible for designing, implementing, and maintaining secure software development practices, application security controls, and threat mitigation strategies across diverse technology stacks. The ideal candidate will bring deep expertise in secure coding, DevSecOps, cloud-native application security, and legacy platform hardening. This role will collaborate closely with development, infrastructure, cloud engineering, and business teams to ensure secure design and implementation of applications across hybrid environments.
ESSENTIAL FUNCTIONS:
Application Security & DevSecOps:
Integrate security testing and compliance validation (SAST, DAST, SCA) into CI/CD workflows using tools such as Git, Jenkins, SonarQube, and container registries
Develop and maintain security-as-code and policy-as-code models to enforce preventive and detective controls across application environments
Champion “shift-left” principles by embedding security tooling and practices early in the software development lifecycle
Drive adoption of automated vulnerability management, threat modeling, and secure coding practices across cloud and legacy platforms
Collaborate with development teams to remediate vulnerabilities and implement secure design patterns
Legacy Platform Security (WCS):
Assess and enhance the security posture of legacy WebSphere Commerce Suite applications
Implement secure coding standards and hardening techniques specific to Java-based legacy systems
Design compensating controls and monitoring strategies to mitigate risks in legacy environments
Collaborate with infrastructure and operations teams to secure WCS integrations, APIs, and data flows
Cloud-Native Application Security:
Architect secure application solutions in Azure and GCP with emphasis on identity management, workload isolation, and data protection
Define and implement application-layer controls using CSPM, CWPP, and container security tools
Secure containerized and serverless applications using platform-native controls and third-party solutions
Build reusable secure design patterns and reference architectures for cloud-native applications
Governance, Strategy & Innovation:
Establish and continuously improve application security policies, standards, and secure development guidelines
Conduct threat modeling and risk assessments for both cloud-native and legacy applications
Evaluate and prototype emerging application security technologies and methodologies
Lead architecture review processes to ensure alignment with enterprise risk tolerance and regulatory standards
Mentor developers and architects on secure coding, threat modeling, and application security best practices
Collaborate with audit, risk, and compliance teams to ensure applications meet regulatory requirements (e.g., PCI DSS, SOC 2, NIST)
ALL OTHER DUTIES AS ASSIGNED
EXPERIENCE/QUALIFICATIONS:
Bachelor’s degree in Computer Science, Engineering, or related discipline, or equivalent work experience
10+ years of experience in application security, software architecture, or secure development
5+ years of experience securing cloud-native applications in Azure or GCP
3+ years of experience securing legacy platforms, preferably WebSphere Commerce Suite
Hands-on experience with DevSecOps practices, CI/CD pipelines, and automated security testing
Deep knowledge of secure coding practices, OWASP Top 10, and application-layer threat mitigation
Experience with cloud-native security services (e.g., Azure Defender, GCP Security Command Center)
Professional certifications preferred (e.g., CSSLP, CISSP, GCSA, CCSP)
Familiarity with compliance standards such as NIST 800-53, ISO 27001, SOC 2, and PCI DSS
TRAVEL REQUIREMENTS:
Occasional travel to visit key facilities or in support of team meetings (less than 15%)
PHYSICAL REQUIREMENTS:
Regularly performs computer work and sits
Occasionally walks and stands
Seldom/never lifts up to 50lbs
INDEPENDENT JUDGEMENT:
Develops strategic direction, goals, plans, and policies for application security. Sets broad objectives and is accountable for overall results in respective area of responsibility. Requires high degree of independent judgment and problem solving of complex problems.
Full Time Benefits Summary:
Enjoy discounts on retail merchandise, our restaurants, world-class resorts and conservation attractions!
Bass Pro Shops is an equal opportunity employer. Hiring decisions are administered without regard to race, color, creed, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, ancestry, citizenship status, disability, veteran status, genetic information, or any other basis protected by applicable federal, state or local law.
Reasonable Accommodations
Qualified individuals with known disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws.
If you need a reasonable accommodation for any part of the application process, please visit your nearest location or contact us at hrcompliance@basspro.com.